﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data;
using System.Data.SqlClient;
using System.Configuration;

public partial class Visitor_ChangeCustomerPassword : System.Web.UI.Page
{
    string user;
    SqlConnection cnn;
    SqlCommand cmd;
    SqlDataReader dread;

    protected void Page_Load(object sender, EventArgs e)
    {
        if (Session["Username"] == null)
        {
            Response.Redirect("LoginFail.aspx");
        }

        user = Session["Username"].ToString();
        cnn = new SqlConnection(ConfigurationManager.ConnectionStrings["OPOConnectionString"].ToString());
        cnn.Open();
        
    }

    protected void Page_PreInit(object sender, EventArgs e)
    {
        if (Convert.ToString(Session["Username"]) == "")
        {
            this.Page.MasterPageFile = "~/MasterPage/Visitor.master";
        }
        else
        {
            this.Page.MasterPageFile = "~/MasterPage/VisitorAfterLogin.master";
        }
    }

    protected void imgbChange_Click(object sender, ImageClickEventArgs e)
    {
        if (Session["Password"].ToString() != txtYCPassword.Text)
        {
            Response.Write("<script>alert('Your current password is invalid!')</script>");
        }
        else
        {
            dread.Close();
            cmd = new SqlCommand("Update Account Set Password = @Password where Username= '" + user + "'", cnn);

            cmd.Parameters.Add(new SqlParameter("@Password", SqlDbType.NVarChar, 50));
            cmd.Parameters["@Password"].Value = txtYNPassword.Text;
            cmd.ExecuteNonQuery();

            ScriptManager.RegisterStartupScript(this, this.GetType(), "key", "ShowMessage()", true);
        }
    }

    protected void imgbCancel_Click(object sender, ImageClickEventArgs e)
    {
        Response.Redirect("index.aspx");
    }
}